/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.lvyh.lightframe.cloud.uaa.config;

import com.lvyh.lightframe.cloud.common.constant.SystemConstants;
import com.lvyh.lightframe.cloud.common.model.SysUser;
import com.lvyh.lightframe.cloud.common.util.JsonUtil;
import com.lvyh.lightframe.cloud.uaa.model.OAuthUserDetails;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;

import java.util.Map;

/**
 * 自定义JwtAccessToken转换器用于添加额外用户信息
 */
public class JwtAccessToken extends JwtAccessTokenConverter {

    /**
     * 生成token
     *
     * @param accessToken
     * @param authentication
     * @return
     */
    @Override
    public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
        DefaultOAuth2AccessToken defaultOAuth2AccessToken = new DefaultOAuth2AccessToken(accessToken);

        /**设置额外用户信息
         * JwtAccessToken 类中从authentication里的getPrincipal（实际为UserDetails接口）获取用户信息，
         * 所以我们需要实现自己的UserDetails
         */
        OAuthUserDetails oAuthUserDetails = (OAuthUserDetails) authentication.getPrincipal();
        SysUser sysUser = new SysUser();
        sysUser.setUsername(oAuthUserDetails.getUsername());
        sysUser.setEnabled(oAuthUserDetails.getEnabled());
        sysUser.setPassword(null);

        // 将用户信息添加到token额外信息中
        defaultOAuth2AccessToken.getAdditionalInformation().put(SystemConstants.USER_INFO, sysUser);

        return super.enhance(defaultOAuth2AccessToken, authentication);
    }

    /**
     * 解析token
     */
    @Override
    public OAuth2AccessToken extractAccessToken(String value, Map<String, ?> map) {
        OAuth2AccessToken oauth2AccessToken = super.extractAccessToken(value, map);
        convertData(oauth2AccessToken, oauth2AccessToken.getAdditionalInformation());
        return oauth2AccessToken;
    }

    private void convertData(OAuth2AccessToken accessToken, Map<String, ?> map) {
        accessToken.getAdditionalInformation().put(SystemConstants.USER_INFO, convertUserData(map.get(SystemConstants.USER_INFO)));

    }

    private SysUser convertUserData(Object map) {
        String json = JsonUtil.toJSONString(map);
        SysUser user = JsonUtil.toObject(json, SysUser.class);
        return user;
    }
}